<?php
require "include/bittorrent.php";
dbconn();
loggedinorreturn();
require_once(get_langfile_path());
if (get_user_class() < UC_SYSOP)
	stderr("错误", "权限不足");

$action = isset($_POST['action']) ? htmlspecialchars($_POST['action']) : (isset($_GET['action']) ? htmlspecialchars($_GET['action']) : 'showlist');

if ($action == 'showlist') {
	stdhead();
	print("<table border=1 cellspacing=0 cellpadding=5 width=750px>\n");
	$sql = sql_query("SELECT * FROM bannedemails") or sqlerr(__FILE__, __LINE__);
	$list = mysql_fetch_array($sql);
	?>
	<form method=post action=bannedemails.php>
		<input type=hidden name=action value=savelist>
		<tr><td><?php echo $lang_bannedemails['text_help1'] ?><br /><?php echo $lang_bannedemails['text_help2'] ?><br /><?php echo $lang_bannedemails['text_help3'] ?></td>
			<td><textarea name="value" rows="5" cols="40"><?php echo $list['value'] ?></textarea>
		<input type=submit value="<?php echo $lang_bannedemails['submit_save'] ?>"></form></td>
	</tr></table>
	<?php
	stdfoot();
} elseif ($action == 'savelist') {
	stdhead();
	$value = sqlesc(trim(htmlspecialchars($_POST['value'])));
	$res = sql_query("SELECT * FROM bannedemails");
	if (mysql_num_rows($res) <= 0) {
		sql_query("INSERT INTO bannedemails (value) VALUE ($value)");
	} else {
		sql_query("UPDATE bannedemails SET value = $value");
	}
	echo "<script>alert('成功');location.href='bannedemails.php';</script>";
	stdfoot();
}
